Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  Security Vulnerabilities
CVE-2025-36892
Denial of service
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-04
CVE-2025-36893
In ReadTachyonCommands of gxp_main_actor.cc, there is a possible information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-09-04
CVE-2025-36894
In TBD of TBD, there is a possible DoS due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-09-04
CVE-2025-36895
Information disclosure
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-04
CVE-2025-36896
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-09-04
CVE-2024-56189
In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post authentication with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-04
CVE-2024-56190
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-09-04
CVE-2025-9867
Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-03
CVE-2025-9865
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-03
CVE-2025-21035
Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.
CVSS Score
4.6
EPSS Score
0.0
Published
2025-09-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved